Obtaining a bootstrap certificate and trust anchor
To enable the SDA technician demo application and your target (IoT device) to trust each other, you must provide the target with a trust anchor.
In developer mode
To shorten the process for demo and development purposes, use developer mode, which enables you to run the secure device access flow with a developer certificate and a trust anchor that you compile together with the secure device access client, as described below.
Generate a bootstrap certificate
To generate a developer certificate:
- From the Device Management Portal side menu, select Device identity > Certificates.
- Click New certificate > Create a developer certificate.
- Enter a name and, optionally, a description for the certificate, and click Create certificate.
The certificate should appear in ACTIVE status in the list of certificates for your account.
- Click Download Developer C file. This downloads the
mbed_cloud_dev_credentials.cfile to your computer. You will use this file when you build the client binaries.
Obtain a trust anchor
To get your trust anchor:
- From the Device Management Portal side menu, select Device identity > Trust anchor.
- Copy the PEM-format trust anchor. You will need this trust anchor when you build the client binaries.
In production mode
In production, you must install factory-configurator-client-example, which is an implementation of Device Management Client, onto your target. This enables you to provision and store a trust anchor and other credentials on your target, as described in the provisioning documentation.